diff options
| author | woodsb02 <woodsb02@FreeBSD.org> | 2016-11-23 21:16:53 +0800 |
|---|---|---|
| committer | woodsb02 <woodsb02@FreeBSD.org> | 2016-11-23 21:16:53 +0800 |
| commit | a747e4b1e2e98ae36b448d96267cf0e59ccdd1d4 (patch) | |
| tree | a10fbd3849cb1198ee2ea3d75c18d1d3378194f3 /security | |
| parent | aa55d0f1fc8d93a85899959039c11a24c22ec4d3 (diff) | |
| download | freebsd-ports-gnome-a747e4b1e2e98ae36b448d96267cf0e59ccdd1d4.tar.gz freebsd-ports-gnome-a747e4b1e2e98ae36b448d96267cf0e59ccdd1d4.tar.zst freebsd-ports-gnome-a747e4b1e2e98ae36b448d96267cf0e59ccdd1d4.zip | |
security/trousers: Fix compilation with LibreSSL
This was causing the build of security/gnutls to fail when the
TPM option was enabled and make.conf contained
DEFAULT_VERSIONS+=ssl=libressl. The gnutls configure script failed to
successfully link against the libtspi.so library, and therefore
determined the tss library was not suitable and disabled TPM.
/usr/local/lib/libtspi.so: undefined reference to `RSA_set0_key'
This caused the gnutls build to fail during staging due to an incorrect
PLIST (missing bin/tpmtool).
As of version 0.3.14, TrouSerS utilises the new OpenSSL function
RSA_set0_key, which was only introduced in OpenSSL 1.1.0 and is not in
LibreSSL (yet).
The TrouSerS code utilises the OPENSSL_VERSION_NUMBER preprocessor macro
to determine the version of OpenSSL which is it compiling against,
and defines the RSA_set0_key function if the version of OpenSSL is older
than 1.1.0. This causes an issue with LibreSSL, because it sets the
OPENSSL_VERSION_NUMBER preprocessor macro to impersonate OpenSSL 2.0.0.
The new patch-src_trspi_crypto_openssl_rsa.c causes TrouSerS to define
the RSA_set0_key function on LibreSSL also.
PR: 214660
Submitted by: David Z <daz@hyperchronos.org>
Reported by: Walter Schwarzenfeld <w.schwarzenfeld@utanet.at>
Approved by: adamw (mentor, implicit)
Approved by: portmgr (just-fix-it blanket)
Diffstat (limited to 'security')
| -rw-r--r-- | security/trousers/Makefile | 1 | ||||
| -rw-r--r-- | security/trousers/files/patch-src_trspi_crypto_openssl_rsa.c | 11 |
2 files changed, 12 insertions, 0 deletions
diff --git a/security/trousers/Makefile b/security/trousers/Makefile index 655d38b49539..a61f273a0157 100644 --- a/security/trousers/Makefile +++ b/security/trousers/Makefile @@ -3,6 +3,7 @@ PORTNAME= trousers PORTVERSION= 0.3.14 +PORTREVISION= 1 CATEGORIES= security MASTER_SITES= SF diff --git a/security/trousers/files/patch-src_trspi_crypto_openssl_rsa.c b/security/trousers/files/patch-src_trspi_crypto_openssl_rsa.c new file mode 100644 index 000000000000..3ed356589fb6 --- /dev/null +++ b/security/trousers/files/patch-src_trspi_crypto_openssl_rsa.c @@ -0,0 +1,11 @@ +--- src/trspi/crypto/openssl/rsa.c.orig 2016-11-23 12:26:19 UTC ++++ src/trspi/crypto/openssl/rsa.c +@@ -38,7 +38,7 @@ + #define DEBUG_print_openssl_errors() + #endif + +-#if OPENSSL_VERSION_NUMBER < 0x10100001L ++#if OPENSSL_VERSION_NUMBER < 0x10100001L || defined(LIBRESSL_VERSION_NUMBER) + static int + RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d) + { |